18 พฤษภาคม 2567

mikrotik script for new device

- set a DHCP client on ether1
- bridge the rest of the interfaces as the LAN (br-lan)
- assign a random private IP to the LAN bridge
- set a DHCP server on the LAN bridge
- set srcnat masquerade on all interfaces
- set the NTP client
- set Quad9 DNS

Save the script as newdevice.rsc.
Upload the file to the router, then import newdevice.rsc.

---- start script ----
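# newdevice.rsc - baseline setup for a new device.
# ether1 is the uplink (DHCP client); every other interface is put into the
# LAN list and bridged as br-lan with its own DHCP server, NAT, NTP and DNS.

# Uplink: accept the lease but ignore the DNS/NTP servers the upstream DHCP
# server offers, so only the resolvers and time sources set below are used.
/ip dhcp-client
add interface=ether1 use-peer-dns=no use-peer-ntp=no

/interface bridge
add name=br-lan

/interface list
add name=LAN

# Put every interface except the uplink and loopback into the LAN list.
# NOTE(review): br-lan already exists at this point, so the find also matches
# the bridge itself - confirm RouterOS skips it when the list is used as a
# bridge port below.
:foreach i in=[/interface find name!="ether1" && name!="lo"] do={
    :local interfaceName [/interface get $i name]
    /interface list member
    add interface=$interfaceName list=LAN
}

# Bridge ports are taken from the LAN list rather than added one by one.
/interface bridge port
add bridge=br-lan interface=LAN

/ipv6 settings
set disable-ipv6=yes forward=no

# Pick a random 192.168.X.0/24 for the LAN. Nothing checks X against the
# subnet ether1 receives, so an overlap with the upstream network is possible;
# verify after the first lease and re-address if they collide.
:local thirdOctet ([ :rndnum from=0 to=255 ])
:local ipAddress ("192.168." . $thirdOctet . ".1/24")

/ip address add address=$ipAddress interface=br-lan

:local poolName "dhcp_pool0"
:local dhcpServerName "dhcp1"

/ip pool
add name=$poolName ranges=("192.168." . $thirdOctet . ".2-192.168." . $thirdOctet . ".254")

/ip dhcp-server
add name=$dhcpServerName interface=br-lan address-pool=$poolName lease-time=1d disabled=no

# LAN clients get the router itself as gateway and DNS server.
/ip dhcp-server network
add address=("192.168." . $thirdOctet . ".0/24") gateway=("192.168." . $thirdOctet . ".1") dns-server=("192.168." . $thirdOctet . ".1")

# No out-interface is given, so this masquerades traffic leaving ANY interface,
# not only the uplink. Narrowing it to out-interface=ether1 is the usual choice
# when only LAN-to-WAN traffic should be translated.
/ip firewall nat
add action=masquerade chain=srcnat

# Input policy for the router itself. Without it, the DNS cache enabled below
# (allow-remote-requests=yes) and the management services left enabled would
# also answer on ether1, i.e. to whatever network the uplink is plugged into.
# After import the router can only be managed from the LAN side.
# The forward chain is not filtered here.
/ip firewall filter
add chain=input action=accept connection-state=established,related,untracked comment="accept replies to router-originated traffic"
add chain=input action=drop connection-state=invalid comment="drop invalid"
add chain=input action=accept protocol=icmp comment="accept ICMP"
add chain=input action=drop in-interface=ether1 comment="drop everything else arriving on the uplink"

/ip cloud
set update-time=no

/system ntp client
set enabled=yes

/system ntp client servers
add address=0.pool.ntp.org
add address=clock.nectec.or.th

# allow-remote-requests=yes makes the router a caching resolver for clients;
# the input rules above keep it from being reachable through ether1.
/ip dns
set allow-remote-requests=yes servers=9.9.9.9,149.112.112.112

# Turn off the cleartext and API services. Services not listed here are left
# at their current setting.
/ip service
set telnet disabled=yes
set ftp disabled=yes
set api disabled=yes
set api-ssl disabled=yes

# Both settings belong to the /ip ssh menu, so they are applied with a plain
# "set"; a path written without the leading "/" is resolved relative to the
# current menu.
/ip ssh
set host-key-type=ed25519 strong-crypto=yes

/system routerboard settings
set auto-upgrade=yes

/system clock
set time-zone-autodetect=no time-zone-name=Asia/Bangkok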

---- end script ----